Tech Pro Research

A DDoS attack attempts to overload a company system — such as a web server — by sending so many communications requests that legitimate traffic cannot get through. It's the digital equivalent of jamming a postbox full of leaflets so that real letters can't get through.

The 'distributed' refers to the army of PCs — acting without their owners' knowledge, usually thanks to a virus infection — that are used to deliver the attacks. Banks, retailers and online gambling companies are among the most commonly targeted firms — organisations that face significant loss of business if their websites cannot respond to customers.

Sometimes a DDoS attack is just cover for a bigger crime. For example, it was recently revealed that organised crime groups can use a DDoS attack against a bank to divert the attention of the bank's security team while the criminals plunder accounts using stolen credentials.

According to the BT-commissioned research, which covered 11 countries, DDoS attacks are seen as a key concern by a third of UK organisations (36 percent), although they seem to worry less than their international rivals: globally, almost twice as many organisations (58 percent) named DDoS as a key concern.

Perhaps that's because about half of UK organisations (49 percent) have a response plan in place, even though just one in 10 UK decision makers interviewed said they strongly believed they have sufficient resources in place to counteract an attack.

Respondents said that customer complaints and queries jumped by an average of 36 percent following an attack. On average, organisations take 12 hours to fully recover from an especially powerful attack, while in the UK more than half of IT decision makers (58 percent) said DDoS attacks had brought down their systems for more than six hours.